Response to Amendment

This office action is responsive to Applicant's amendment filed on August 18, 
2005. Claims 1-20 are pending. 

Response to Arguments 

Applicant's arguments, see Remarks, filed August 18, 2005, with respect to the 
rejection(s) of claim(s) 1-7 and 9-19 under 102(e) have been fully considered and are 
persuasive. Therefore, the rejection and objections have been withdrawn. However, 
upon further consideration, a new ground(s) of rejection is made in view of a newly 
found prior art. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-18 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Gleichauf et al., (U.S. Patent No. 6,301,668 and Gleichauf hereinafter).

Regarding claims 1 and 13, Gleichauf discloses a network reference model for 
use in configuring security software on a computer network, the network reference 
model comprising: 

a database engine providing deduction, a network information database
associated with the database engine and providing a central repository for a 
configuration of hardware and software installed on the network (Col. 5, lines 33-67), 
and a security goal database associated with the database engine and describing uses 
that the hardware and software installed on the network may support (Col. 7, lines 20- 
65). 

Regarding claims 2-10, and 13-14, Gleichauf discloses a configuration tool for 
use in configuring security software packages on a computer network the configuration 
tool comprising: 

a description logic database engine, a network information database associated 
with the description logic database engine and providing a central repository for a 
configuration of hardware and software installed on the network (Col. 5, lines 33-67), 

a security goal database associated with the description logic database engine 
and providing security goals describing uses that the hardware and software of the 
network may support (Col. 7, lines 1-65), 

an event database associated with the description logic database engine and 
containing events related to the network, wherein the events contained in the event 
database include possible attacks against the network and benign events that could be
confused with the possible attacks (Col. 5, lines 52-67 and Col. 6, lines 1-15), 

a first configuration module coupled to the description logic database engine for 
configuring intrusion blocking security software packages, a second configuration 
module coupled to the description logic database engine for configuring intrusion
detecting security software packages, a system hardening module coupled to the 
description logic database engine for automating a process of hardening the network 
(Col. 6, lines 50-67 and Col. 7, lines 1-25) and 

an audit configuration module coupled to the description logic database engine 
for probing the network for vulnerabilities (Col. 4, lines 1-40), 

wherein the first configuration module configures the intrusion blocking security 
software packages based on the configuration of the hardware and software installed 
on the network and the security goals, wherein the second configuration module 
configures the intrusion detecting security software packages based on the
configuration of the hardware and software installed on the network and the security 
goals (Col. 7, lines 65-67 and Col. 8, lines 1-67 and Col. 9, lines 1-18), and 

wherein the system hardening module is context sensitive (Col. 6, lines 15-45). 

Regarding claims 11 and 15, Gleichauf discloses a method for configuring a
security software package installed on an individual network device, the method 
comprising: 

using active inference in an object-oriented description logic database engine to 
decompose one or more security policies for a class of network devices into one or 
more security goals for the individual network device, wherein the individual network 
device is a member of the class of network devices (Col. 5, lines 1-50), and 

configuring the security software package using the one or more security goals,
wherein the security software package is selected from the group consisting of an 
intrusion blocking software package and an intrusion detecting software package (Col. 
9, lines 4-16). 

Regarding claims 12 and 16, Gleichauf discloses wherein using active inference 
further comprises automatically classifying the individual network device based on an IP 
address, a network topology and one or more services the individual network device 
provides, and applying rules to the individual network device based on its classification 
(Col. 4, lines 40-67 and Col. 6, lines 14-35). 

Regarding claims 17 and 18, Gleichauf discloses a method for configuring a 
security software package, the method comprising: 

defining one or more security policies for a class of network devices, wherein the 
security software package is a service running on at least one network device of the 
class of network devices (Col. 6, lines 14-35), using a database engine providing 
deduction to decompose the one or more security policies for the class of network 
devices into one or more security goals, using a database engine providing deduction to 
associate the one or more security goals with the at least one network device (Col. 5, 
lines 32-67 and Col. 6, lines 1-67), and configuring the security software package on the 
at least one network device using the one or more security goals (Col. 7, lines 1-25). 

Allowable Subject Matter

Claims 19-20 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the limitations of 
the base claim and any intervening claims. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Conklin et al., (U.S. Patent No. 5,991,881), 
Vaidya, (U.S. Patent No. 6,279,113), 
Gleichauf et al., (U.S. Patent No. 6,816,973), 
Gleichauf et al., (U.S. Patent No. 6,499,107), and 
Gleichauf et al., (U.S. Patent No. 6,324,656). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Arezoo Sherkat whose telephone number is (571) 272-3796.
The examiner can normally be reached on 8:00-4:30 Monday-Friday.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for
the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 





Arezoo Sherkat 
Patent Examiner 
Group 2131 
Nov. 14, 2005 